Описание
cdf_read_property_info in cdf.c in file through 5.37 does not restrict the number of CDF_VECTOR elements, which allows a heap-based buffer overflow (4-byte out-of-bounds write).
Ссылки
- Mailing ListThird Party Advisory
- ExploitIssue TrackingThird Party Advisory
- PatchThird Party Advisory
- Third Party Advisory
- Mailing ListThird Party Advisory
- Third Party Advisory
- Third Party Advisory
- Third Party Advisory
- Third Party Advisory
- Third Party Advisory
- Mailing ListThird Party Advisory
- ExploitIssue TrackingThird Party Advisory
- PatchThird Party Advisory
- Third Party Advisory
- Mailing ListThird Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 5.37 (включая)
cpe:2.3:a:file_project:file:*:*:*:*:*:*:*:*
Конфигурация 2
Одно из
cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
Конфигурация 3
cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*
Конфигурация 4Версия от 7.3 (включая)
cpe:2.3:a:netapp:active_iq_unified_manager:*:*:*:*:*:linux:*:*
Конфигурация 5
Одно из
cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*
Конфигурация 6
Одно из
cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*
EPSS
Процентиль: 44%
0.00216
Низкий
7.8 High
CVSS3
6.8 Medium
CVSS2
Дефекты
CWE-787
Связанные уязвимости
CVSS3: 7.8
ubuntu
почти 6 лет назад
cdf_read_property_info in cdf.c in file through 5.37 does not restrict the number of CDF_VECTOR elements, which allows a heap-based buffer overflow (4-byte out-of-bounds write).
CVSS3: 7.8
redhat
почти 6 лет назад
cdf_read_property_info in cdf.c in file through 5.37 does not restrict the number of CDF_VECTOR elements, which allows a heap-based buffer overflow (4-byte out-of-bounds write).
CVSS3: 7.8
debian
почти 6 лет назад
cdf_read_property_info in cdf.c in file through 5.37 does not restrict ...
EPSS
Процентиль: 44%
0.00216
Низкий
7.8 High
CVSS3
6.8 Medium
CVSS2
Дефекты
CWE-787